DETAILED ACTION 

Claims 1-39 are pending. 

Information Disclosure Statement 

The IDS submitted 1/5/2004 has been considered. 

Claim Objections 

Claims 1-23, 32-33, 35 and 37 are objected to because of the following 
informalities: 

1. Claim 1 recites "at least one initiator and one responder". To maintain 
consistency, the examiner respectfully submits that later recitations of "said 
initiator" and "said responder" in claim 1 and its dependent claims should instead 
be "said at least one initiator" and "said one responder". A similar suggestion is 
made for claim 14 and its dependent claims. A similar suggestion is made for 
claims 32-33. 

2. Claims 35 and 37 recite "authorising" and "authorisation", which should be 
"authorizing" and "authorization" respectively — spelling error. 

3. Appropriate correction is required. 



Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 



Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 1-24 and 32-33 are rejected under 35 U.S.C. 101 because the claimed 
invention is directed to non-statutory subject matter. 

1. Claim 1 is not statutory because the steps of the method do not produce a 
concrete, useful, and tangible result. The method is directed towards securing 
communication and by the final step of the method, a comparison is done 
between the verification code and authentication code. However, no result of the 
comparison has been produced nor used to result in securing of communication. 
Claims 2-13 further define the method of claim 1, but also do not appear to 
produce a concrete, useful, and tangible result, thus are also not statutory. This 
rejection can be overcome by reciting a step which uses the result of the 
comparison to secure communication between the initiator and responder. 

2. Claim 14 and its dependent claims are not statutory for similar reasons given for 
claim 1, that is the steps of the method do not produce a concrete, useful, and 
tangible result. The rejection can be overcome in a similar manner suggested for 
claim 1. 

3. Claim 32 is directed towards a computer program, i.e. software per se, which is 
not statutory. 

4. Claim 33 is directed towards a computer program product with a computer 
program stored thereon. It would appear that the computer program product 
could be software per se, which is not statutory. This rejection can be overcome 
by reciting a "computer readable medium" instead of a computer program 
product. Absent any disclosure in the specification which defines the computer 
readable medium as a signal, a computer readable medium with a computer 
program stored therein is statutory. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-6, 8-11, 14-18, 20-30, and 32-33 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Peyravian et al (US 2004/0158715) in view of Crandall (US 
5,159,632). 
Claim 1: 

Peyravian discloses: 

a) computing an authentication code using a first key and a second key within said 
responder, i.e. server (Fig 1, steps 150-155), 

b) transmitting said second key and said authentication code from said responder to 
said initiator (Fig 1, steps 160-165), 

c) transmitting said first key from said responder to said initiator (Fig 1, steps 160-165), 

d) computing a verification code using said first key and said second key within said 
initiator, i.e. client (Fig 2, steps 205-215), and 

e) comparing said verification code with said authentication code within said initiator 
(Fig 2, step 220). 

Peyravian does not explicitly disclose the transmission in step b was using a first 
communication channel while the transmission in step c was using a second 
communication channel. However, note that a public key system is used to generate 
the authentication and verification code (paragraphs 17-32; Fig 2, step 150-155; and Fig 
3, steps 210-215). Crandall discloses that with public key systems, a nonsecure 
channel is usually used to transmit some of the information and a secure channel is 
used to transmit other information (col 1, lines 32-51 and col 2, lines 4-7, 26-28, and 43- 
46). The secure channel is considered a first channel and the nonsecure channel is 
considered a second channel. At the time applicant's invention was made, it would 
have been obvious to one of ordinary skill in the art to modify Peyravian's invention 
such that the transmissions of steps b and c were accomplished using two separate 
channels, i.e. a first secured channel and a second nonsecured channel. One skilled 
would have been motivated to do so because as evidenced by Crandall's teachings, it is 
traditional in public key systems to exchange some information using a first secure 
channel and other information using a second nonsecure channel. 
Claim 2: 

Peyravian further discloses wherein a first key is generated within said responder 
(paragraph 35 and Fig 1, step 140). 
Claim 3: 

Peyravian further discloses wherein a second key is generated within said 
responder (paragraph 33 and 35). The ID and/or PK(sub(s)) can be considered the 
second key. 
Claim 4: 

Peyravian does not explicitly disclose wherein in step b) said second key and 
said authentication code are transmitted via a confidential and/or authenticated 
communication channel. However, as previously discussed, Crandall discloses that 
with public key systems, some of the information sent from one party to the other is 
transmitted using a nonsecure channel while others are transmitted via a secure, i.e. 
confidential, channel (col 1, lines 32-51 and col 2, lines 4-7, 26-28, and 43-46). 

At the time applicant's invention was made, one skilled would have been 
motivated to transmit the second key and authentication code via a secure, i.e. 
confidential and/or authenticated, communication channel. One skilled would have been 
motivated to do so for the reasons given in claim 1. One skilled would also have been 
motivated to do so because it would protect against a man-in-the-middle attack to 
transmit the second key and authentication code via a secure, i.e. confidential and/or 
authenticated, communication channel. 
Claim 5: 

Peyravian does not explicitly disclose wherein in step c) said first key is 
transmitted via an open communication channel. However, as discussed in claim 1, 
with public key systems, certain information is transmitted via a nonsecure/open 
communication channel. It would have been obvious to transmit the first key of 
Peyravian's invention via an open communication channel because the first key is a 
public key. One skilled would have been motivated to do so because public keys are 
typically transmitted via an open communication channel. 
Claim 6: 

Peyravian further discloses wherein said second key is composed of a first part 
and a second part and wherein said first part is used for computing said authentication 
code (paragraphs 33 and 35 and Fig 1, step 155) and said second part is used for 
calculating an authentication value in a further step f) (Fig 1, step 150 or 160). The ID 
and/or PK(sub(s)) values are considered the second key. Thus the second key is 
composed of at least two parts, the first part being used to compute said authentication 
code, i.e. hash(arg(subs)). 
Claim 8: 

Peyravian further discloses wherein said authentication code and said verification 
code are computed using an algorithm to compute a short message authentication code 
(Fig 1, step 155 and Fig 2, step 215). A hash is a short message authentication code. 
Claim 9: 

Peyravian discloses comparison of the authentication code and verification code 
in step e) yielding difference (Fig 2, steps 220 and 230). Peyravian does not explicitly 
disclose wherein if step e) yields a difference, said initiator requests said responder to 
retransmit said first key. However, official notice is taken that asking a responder to 
retransmit a key used in authenticating the responder if authentication comparison fails 
was well known in the art. For example, when a user logs into a web page using a user 
id and password and accidentally enters the wrong id or password, the web server 
typically tells the user the authentication has failed and to try to authenticate again. At 
the time applicant's invention was made, it would have been obvious to one skilled in 
the art to further modify Peyravian's invention such that if step e) yields a difference, 
said initiator requests said responder to retransmit said first key. One skilled would 
have been motivated to do so because it is common practice in the art to let a 
responder know if authentication failed and to try again by resubmitting the necessary 
information. 
Claim 10: 

Peyravian further discloses wherein in a further step f) an authentication value is 
calculated within said initiator using said second key (Fig 2, step 210). 
Claim 11: 

Peyravian further discloses wherein said authentication code is calculated using 
a pseudo random, i.e. hash, function (Fig 1, step 155). 
Claim 14: 

Claim 14 is substantially similar to what is recited in claim 1 and is rejected for 
similar reasons given therein. The difference is that claim 14 recites a raw public key 
for the first key of claim 1. However, note that the first key disclosed by Peyravian is a 
raw public key, i.e. D(sub(s)), (Fig 1, steps 150-155 and paragraph 19). Claim 14 also 
recites that in step c), the raw public key was transmitted within an encrypted 
certification payload. However, note that Peyravian discloses the raw public key being 
transmitted within an encrypted certificate payload, i.e. EXT(sub(s)) (Fig 1, steps 160- 
165). 

Claims 15-18: 

Claims 15-18 recite limitations similar to what is recited in claims 2-3 and 6 
respectively and are rejected for similar reasons given therein. 
Claim 20: 

Claim 20 recites limitations similar to what is recited in claim 5 and is rejected for 
similar reasons. The difference is that claim 20 refers to the first key of claim 5 as the 
raw public key. However, as discussed in claim 14, Peyravian discloses the first key 
being the raw public key. 
Claims 21-22: 

Claims 21-22 recite limitations similar to what is recited in claims 8-9 and are 
rejected for similar reasons given therein. 
Claim 23: 

Peyravian further discloses wherein in further steps for communicating the 
second key is used for authenticating the initiator to the responder (paragraph 39). 
Claim 24: 

As per claim 24, the steps a)-b) as disclosed by Peyravian in view of Crandall are 
used to authenticate the server, thus are pre-authenticate messages. Step c) is used to 
exchange keys, thus is an internet key exchange protocol message. Peyravian does 
not explicitly disclose the internet key exchange protocol is IKEv2 EAP. However, 
IKEv2 EAP was a well known standard for key exchange at the time applicant's 
invention was made. It would have been obvious to one skilled in the art to utilize IKEv2 
EAP as the internet key exchange protocol. One skilled would have been motivated to 
do so because IKEv2 EAP is a standard in network communication. 
Claim 25: 

Claim 25 is directed towards a system comprising a responder and initiator with 
means for implementing the method of claim 1 and is rejected for similar reasons as 
claim 1. 
Claim 26: 

Claim 26 is directed towards a system with a generating means for implementing 
the method of claims 2 and 3 and is rejected for similar reasons given therein. 
Claim 27: 

Claim 27 is directed towards a system with a first transmission system for 
implementing the method of claim 4 and is rejected for similar reasons given therein. 
Claim 28: 

Claim 28 is directed towards a system with a second transmission means for 
implementing the method of claim 5 and is rejected for similar reasons given therein. 
Claim 29: 

As per claim 29, Peyravian does not explicitly disclose wherein said responder 
comprises storage means to store said second key. However, official notice is taken 
that at the time applicant's invention was made, it was well known for server machines, 
i.e. said responder, to have storage means to store keys. It would have been obvious 
for the responder of Peyravian's modified invention to comprise storage means to store 
said second key because at least some form of storage is needed for the responder to 
use the second key in calculations or in transmission of the second key. As can be 
seen in Figure 1, the keys are used in various calculations by the responder/server. 
Claim 30: 

As per claim 30, Peyravian does not explicitly disclose wherein said initiator 
comprises storage means to store said received second key and said received 
authentication code. However, official notice is taken that at the time applicant's 
invention was made, it was well known for client machines, i.e. said initiator, to have 
storage means. It would have been obvious for the initiator of Peyravian's modified 
invention to comprise storage means to store said received second key and said 
received authentication code because at least some form of storage is needed for the 
responder to use the second key in calculations or in transmission of the second key. 
As can be seen in Figure 2, the keys are used in various calculations by the 
responder/server. 
Claim 32: 

Claim 32 is directed towards a computer program with instructions to implement 
the method of claim 1 and is rejected for the same reasons given therein. 
Claim 33: 

Claim 33 is directed towards a computer program product with a computer 
program with instructions to implement the method of claim 1 and is rejected for the same 
reasons given therein. 

Claims 7, 12-13, 19, and 31 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Peyravian et al (US 2004/0158715) in view of Crandall (US 
5,159,632) and further in view of Eskicioglu (US 2002/0087865). 
Claim 7: 

Peyravian does not explicitly disclose wherein said first part is an empty string 
and wherein said authentication code is calculated as an unkeyed hash code. 
However, Eskicioglu discloses that unkeyed hash codes, where a hash code is 
generated without the use of a key, were well known in the art at the time applicant's 
invention was made (paragraph 12). It would have been obvious to one of ordinary skill 
in the art to further modify Peyravian's invention such that the first part is an empty 
string and the authentication code was calculated as an unkeyed hash code. One 
skilled would have been motivated to do so because unkeyed hash codes would be 
useful for authenticating the message, which provides assurance of the identity of the 
originator of the message (Eskicioglu: paragraph 8). It would also provide proof of data 
integrity, which is one of the most important objectives of information security 
(Eskicioglu: paragraph 4). 
Claim 12: 

Peyravian does not explicitly disclose wherein said authentication value is used 
in a step g) for authenticating messages transmitted from said initiator to said 
responder, or vice versa. However, Eskicioglu discloses use of an authentication value 
for authenticating messages transmitted from said initiator to said responder, or vice 
versa (paragraph 6). At the time applicant's invention was made, it would have been 
obvious to one of ordinary skill in the art to further modify Peyravian's invention 
according to the limitations recited in claim 12. One skilled would have been motivated 
to do so because data authentication is one of the most important objectives of 
information security (Eskicioglu: paragraph 4). 
Claim 13: 

As per claim 13, the steps a)-b) as disclosed by Peyravian in view of Crandall are 
used to authenticate the server, thus are pre-authenticate messages. Further the 
messages of steps c) and g) as disclosed by Peyravian in view of Crandall and 
Eskicioglu are used to exchange keys, thus are internet key exchange protocol 
messages. 
Claim 19: 

Claim 7 recites limitations similar to what is recited in claim 7 and is rejected for 
similar reasons given therein. 
Claim 31: 

Claim 31 is directed towards a system comprising operating means for 
implementing the method of claim 13, thus is rejected for similar reasons given therein. 



Claims 34-39 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Peyravian et al (US 2004/0158715) in view of Crandall (US 5,159,632) and evidenced 
by Eskicioglu (US 2002/0087865). 
Claim 34: 

Claim 34 is directed towards a computing device having computing means, first 
transmission means, and second transmission means for implementing the method of 
claim 1. These limitations are rejected for similar reasons given in claim 1. Claim 34 
additionally recites deciphering means, deciphering a ciphered message from said 
initiator, where said ciphered message is ciphered with a shared secret key at least 
partially derived from said first key. Peyravian does not explicitly disclose this limitation. 
However, Crandall discloses the limitation (col 1, lines 10-23). At the time applicant's 
invention was made, it would have been obvious to one skilled in the art to further 
modify Peyravian's invention so as to include the deciphering means recited in claim 34. 
One skilled would have been motivated to do so as it would provide for message 
confidentiality, which is one of the most important objectives of information security as 
evidenced by Eskicioglu (paragraphs 4-5). Note that ID, P, or S as disclosed by 
Peyravian can be considered the shared secret key. 
Claim 35: 

Peyravian further discloses authorizing means, authorizing an authorization 
message from said initiator, where said authorization message is authorized with a 
shared secret key at least partially derived from said first key (Fig 2). 
Claim 36: 

Claim 36 is directed towards a communication device comprising first 
transmission means, second transmission means, computing means, and comparing 
means to implement the method of claim 1 and these limitations are rejected for similar 
reasons given in claim 1. Claim 36 additionally recites ciphering means, ciphering a 
message to be sent to said responder, where said ciphered message is ciphered with a 
shared secret key at least partially derived from said first key, which is not explicitly 
disclosed by Peyravian. However, Crandall discloses the limitation (col 1, lines 10-23). 
At the time applicant's invention was made, it would have been obvious to one skilled in 
the art to further modify Peyravian's invention so as to include the ciphering means 
recited in claim 36. One skilled would have been motivated to do so as it would provide 
for message confidentiality, which is one of the most important objectives of information 
security as evidenced by Eskicioglu (paragraphs 4-5). Note that ID, P, or S as 
disclosed by Peyravian can be considered the shared secret key. 
Claim 37: 

Claim 37 recites limitations similar to what is recited in claim 35 and is rejected 
for similar reasons given therein. 
Claims 38-39: 

Claims 38 and 39 recite limitations substantially similar to what is recited in 
claims 34 and 36 respectively and are rejected for similar reasons given therein. 

Conclusion 

Note that while the above citations of the art are meant to help applicant in 
consideration of the art with respect to the recited limitations, applicant should fully 
review all of the prior art of record since other sections not cited by the examiner could 
also be pertinent to the recited limitations and other combinations of the prior art of 
record could also be applicable in rejecting the claimed invention. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ponnoreay Pich whose telephone number is 571-272- 
7962. The examiner can normally be reached on 9:00am-4:30pm Mon-Thurs. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Ponnoreay Pich 

Examiner 

Art Unit 2135 